DE112018004408B4 - Identification of attack flows in a multi-tier network topology - Google Patents
- Publication number
- DE112018004408B4
- Authority
- DE
- Germany
- Prior art keywords
- latency
- connection
- network
- packets
- processor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/787,505 | 2017-10-18 | ||
US15/787,505 US10609068B2 (en) | 2017-10-18 | 2017-10-18 | Identification of attack flows in a multi-tier network topology |
PCT/IB2018/057875 WO2019077444A1 (en) | 2017-10-18 | 2018-10-11 | IDENTIFICATION OF ATTACK FLOW IN MULTI-LEVEL NETWORK TOPOLOGY |
Publications (2)
Publication Number | Publication Date |
---|---|
DE112018004408T5 (de) | 2020-05-20 |
DE112018004408B4 (de) | 2023-02-09 |
Family
ID=66097133
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE112018004408.4T Active DE112018004408B4 (de) | 2017-10-18 | 2018-10-11 | Identification of attack flows in a multi-tier network topology |
Country Status (6)
Country | Link |
---|---|
US (2) | US10609068B2 (ja) |
JP (1) | JP7002647B2 (ja) |
CN (1) | CN111226426B (ja) |
DE (1) | DE112018004408B4 (ja) |
GB (1) | GB2579758B (ja) |
WO (1) | WO2019077444A1 (ja) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2413699B1 (en) | 2009-04-01 | 2019-11-20 | Tearscience, Inc. | Ocular surface interferometry (osi) apparatus for imaging an ocular tear film |
ES2901406T3 (es) | 2013-05-03 | 2022-03-22 | Tearscience Inc | Eyelid illumination systems and methods for imaging meibomian glands for meibomian gland analysis |
EP3712721A1 (de) * | 2019-03-19 | 2020-09-23 | Siemens Aktiengesellschaft | Safety-relevant diagnostic messages |
US20220174087A1 (en) * | 2019-03-28 | 2022-06-02 | Nec Corporation | Analysis system, method, and program |
CN111885034B (zh) * | 2020-07-15 | 2022-09-13 | 杭州安恒信息技术股份有限公司 | Internet of Things attack event tracing method, apparatus and computer device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160127262A1 (en) | 2014-10-31 | 2016-05-05 | The Nielsen Company (Us), Llc | Method and apparatus to throttle media access by web crawlers |
US9762610B1 (en) | 2015-10-30 | 2017-09-12 | Palo Alto Networks, Inc. | Latency-based policy activation |
Family Cites Families (60)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7653706B2 (en) * | 2000-07-19 | 2010-01-26 | Akamai Technologies, Inc. | Dynamic image delivery system |
US9525696B2 (en) * | 2000-09-25 | 2016-12-20 | Blue Coat Systems, Inc. | Systems and methods for processing data flows |
US7895431B2 (en) | 2004-09-10 | 2011-02-22 | Cavium Networks, Inc. | Packet queuing, scheduling and ordering |
US7468981B2 (en) * | 2005-02-15 | 2008-12-23 | Cisco Technology, Inc. | Clock-based replay protection |
JP4602158B2 (ja) * | 2005-05-25 | 2010-12-22 | 三菱電機株式会社 | Server device protection system |
US20090030870A1 (en) | 2007-07-27 | 2009-01-29 | Microsoft Corporation | Error propagation in object-relational mapping platform |
WO2009148021A1 (ja) * | 2008-06-03 | 2009-12-10 | 株式会社日立製作所 | Packet analysis device |
WO2011109420A1 (en) * | 2010-03-01 | 2011-09-09 | Silver Tail Systems | System and method for network security including detection of attacks through partner websites |
US9483292B2 (en) * | 2010-11-29 | 2016-11-01 | Biocatch Ltd. | Method, device, and system of differentiating between virtual machine and non-virtualized device |
US8826437B2 (en) * | 2010-12-14 | 2014-09-02 | General Electric Company | Intelligent system and method for mitigating cyber attacks in critical systems through controlling latency of messages in a communications network |
US8789158B2 (en) * | 2011-02-17 | 2014-07-22 | Ebay Inc. | Using clock drift, clock slew, and network latency to enhance machine identification |
US8549645B2 (en) * | 2011-10-21 | 2013-10-01 | Mcafee, Inc. | System and method for detection of denial of service attacks |
US8683592B1 (en) | 2011-12-30 | 2014-03-25 | Emc Corporation | Associating network and storage activities for forensic analysis |
US9282116B1 (en) * | 2012-09-27 | 2016-03-08 | F5 Networks, Inc. | System and method for preventing DOS attacks utilizing invalid transaction statistics |
CN102882884B (zh) * | 2012-10-13 | 2014-12-24 | 国家电网公司 | Honeynet-based risk early-warning system and method in an informatized production environment |
US10348767B1 (en) * | 2013-02-26 | 2019-07-09 | Zentera Systems, Inc. | Cloud over IP session layer network |
WO2014199687A1 (ja) * | 2013-06-13 | 2014-12-18 | 日立オートモティブシステムズ株式会社 | Network device and network system |
US9178899B2 (en) * | 2013-08-28 | 2015-11-03 | Bank Of America Corporation | Detecting automated site scans |
US9208335B2 (en) | 2013-09-17 | 2015-12-08 | Auburn University | Space-time separated and jointly evolving relationship-based network access and data protection system |
CA2929304C (en) * | 2013-11-04 | 2020-08-18 | Amazon Technologies, Inc. | Centralized networking configuration in distributed systems |
EP2879343A1 (en) * | 2013-11-29 | 2015-06-03 | Nederlandse Organisatie voor toegepast- natuurwetenschappelijk onderzoek TNO | System for protection against DDos attacks |
US10091238B2 (en) * | 2014-02-11 | 2018-10-02 | Varmour Networks, Inc. | Deception using distributed threat detection |
US9660895B1 (en) * | 2014-03-04 | 2017-05-23 | Amazon Technologies, Inc. | Geolocation routing and simulation of network conditions |
CN103916387B (zh) | 2014-03-18 | 2017-06-06 | 汉柏科技有限公司 | Method and system for protecting against DDoS attacks |
US9497215B2 (en) * | 2014-07-23 | 2016-11-15 | Cisco Technology, Inc. | Stealth mitigation for simulating the success of an attack |
US9800592B2 (en) * | 2014-08-04 | 2017-10-24 | Microsoft Technology Licensing, Llc | Data center architecture that supports attack detection and mitigation |
US9912681B1 (en) * | 2015-03-31 | 2018-03-06 | Fireeye, Inc. | Injection of content processing delay in an endpoint |
US10084642B2 (en) * | 2015-06-02 | 2018-09-25 | ALTR Solutions, Inc. | Automated sensing of network conditions for dynamically provisioning efficient VPN tunnels |
US10095878B2 (en) * | 2015-06-02 | 2018-10-09 | ALTR Solutions, Inc. | Internal controls engine and reporting of events generated by a network or associated applications |
US10142353B2 (en) * | 2015-06-05 | 2018-11-27 | Cisco Technology, Inc. | System for monitoring and managing datacenters |
US10536357B2 (en) * | 2015-06-05 | 2020-01-14 | Cisco Technology, Inc. | Late data detection in data center |
US9912678B2 (en) * | 2015-06-24 | 2018-03-06 | Verisign, Inc. | Techniques for automatically mitigating denial of service attacks via attack pattern matching |
US9462010B1 (en) * | 2015-07-07 | 2016-10-04 | Accenture Global Services Limited | Threat assessment level determination and remediation for a cloud-based multi-layer security architecture |
JP6028839B1 (ja) * | 2015-07-16 | 2016-11-24 | 日本電気株式会社 | Communication device, communication processing method, and program |
US10181986B2 (en) * | 2015-11-02 | 2019-01-15 | International Business Machines Corporation | Action records in virtual space |
CN105490882B (zh) | 2015-12-11 | 2018-10-23 | 上海大学 | Network physical bandwidth measurement method resistant to inflation attacks |
US10129125B2 (en) * | 2015-12-18 | 2018-11-13 | Mcafee, Llc | Identifying a source device in a software-defined network |
US9917775B2 (en) * | 2015-12-22 | 2018-03-13 | Mcafee, Llc | Intelligent devices in a software-defined network |
US10735438B2 (en) * | 2016-01-06 | 2020-08-04 | New York University | System, method and computer-accessible medium for network intrusion detection |
CN105743880A (zh) | 2016-01-12 | 2016-07-06 | 西安科技大学 | Data analysis system |
US10701076B2 (en) * | 2016-01-14 | 2020-06-30 | Arbor Networks, Inc. | Network management device at network edge for INS intrusion detection based on adjustable blacklisted sources |
US9942253B2 (en) * | 2016-01-15 | 2018-04-10 | Kentlik Technologies, Inc. | Network monitoring, detection, and analysis system |
US10958414B2 (en) * | 2016-02-23 | 2021-03-23 | Google Llc | Clock period randomization for defense against cryptographic attacks |
US10296748B2 (en) * | 2016-02-25 | 2019-05-21 | Sas Institute Inc. | Simulated attack generator for testing a cybersecurity system |
US20170295200A1 (en) * | 2016-04-11 | 2017-10-12 | Taric Mirza | Distributed Denial Of Service Attack Protection |
US10305807B2 (en) * | 2016-05-03 | 2019-05-28 | Citrix Systems, Inc. | Systems and methods to choose an optimal path from multiple high latency links |
US20170364794A1 (en) * | 2016-06-20 | 2017-12-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Method for classifying the payload of encrypted traffic flows |
US10397247B2 (en) * | 2016-08-16 | 2019-08-27 | International Business Machines Corporation | Smart intrusion prevention policy |
EP3293937A1 (en) * | 2016-09-12 | 2018-03-14 | Vectra Networks, Inc. | Method and system for detecting malicious payloads |
US9692784B1 (en) * | 2016-10-25 | 2017-06-27 | Fortress Cyber Security, LLC | Security appliance |
US9756061B1 (en) * | 2016-11-18 | 2017-09-05 | Extrahop Networks, Inc. | Detecting attacks using passive network monitoring |
US20180159894A1 (en) * | 2016-12-01 | 2018-06-07 | Cisco Technology, Inc. | Automatic threshold limit configuration for internet of things devices |
US11122129B2 (en) * | 2016-12-31 | 2021-09-14 | Intel Corporation | Virtual network function migration |
US10757161B2 (en) * | 2017-01-09 | 2020-08-25 | Citrix Systems, Inc. | Learning technique for QoS based classification and prioritization of SAAS applications |
US10609054B2 (en) * | 2017-04-07 | 2020-03-31 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for monitoring, adjusting, and utilizing latency associated with accessing distributed computing resources |
US10904288B2 (en) * | 2017-04-18 | 2021-01-26 | Perspecta Labs Inc. | Identifying and deceiving adversary nodes and maneuvers for attack deception and mitigation |
US10762201B2 (en) * | 2017-04-20 | 2020-09-01 | Level Effect LLC | Apparatus and method for conducting endpoint-network-monitoring |
US10484418B2 (en) * | 2017-05-26 | 2019-11-19 | ShieldX Networks, Inc. | Systems and methods for updating security policies for network traffic |
US10862921B2 (en) * | 2017-07-31 | 2020-12-08 | Cisco Technology, Inc. | Application-aware intrusion detection system |
US10116671B1 (en) * | 2017-09-28 | 2018-10-30 | International Business Machines Corporation | Distributed denial-of-service attack detection based on shared network flow information |
2017
- 2017-10-18: US application US15/787,505, patent US10609068B2, not active (Expired - Fee Related)

2018
- 2018-10-11: CN application CN201880067465.5A, patent CN111226426B, Active
- 2018-10-11: WO application PCT/IB2018/057875, publication WO2019077444A1, Application Filing
- 2018-10-11: GB application GB2006906.8A, patent GB2579758B, Active
- 2018-10-11: DE application DE112018004408.4T, patent DE112018004408B4, Active
- 2018-10-11: JP application JP2020518625A, patent JP7002647B2, Active

2020
- 2020-01-14: US application US16/742,465, patent US11122077B2, Active
Also Published As
Publication number | Publication date |
---|---|
CN111226426A (zh) | 2020-06-02 |
US11122077B2 (en) | 2021-09-14 |
US10609068B2 (en) | 2020-03-31 |
US20200153857A1 (en) | 2020-05-14 |
DE112018004408T5 (de) | 2020-05-20 |
US20190116203A1 (en) | 2019-04-18 |
GB202006906D0 (en) | 2020-06-24 |
CN111226426B (zh) | 2022-09-13 |
GB2579758A (en) | 2020-07-01 |
GB2579758B (en) | 2021-02-24 |
WO2019077444A1 (en) | 2019-04-25 |
JP7002647B2 (ja) | 2022-01-20 |
JP2021500640A (ja) | 2021-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE112018004408B4 (de) | Identification of attack flows in a multi-tier network topology | |
US11297088B2 (en) | System and method for comprehensive data loss prevention and compliance management | |
DE60308722T2 (de) | Method, device and computer software product for responding to computer intrusions | |
Nikolai et al. | Hypervisor-based cloud intrusion detection system | |
DE112014001229B4 (de) | Method, data processing system and computer program product for processing a database client request | |
DE112010003454B4 (de) | Threat detection in a data processing system | |
CN106790091B (zh) | Cloud security protection system and traffic scrubbing method | |
DE102016203565B4 (de) | Identifying malicious web infrastructures | |
DE112011101831B4 (de) | Protection against cross-site scripting attacks | |
DE112019004913T5 (de) | Detecting inappropriate activity in the presence of unauthenticated API requests using artificial intelligence | |
DE112011103273B4 (de) | Method, computer program product and device for propagating identities across application tiers using context-dependent mapping and set values | |
DE202011111121U1 (de) | System for detecting complex malware | |
EP2966828B1 (de) | Method for detecting an attack on a working environment connected to a communication network | |
DE112017000937B4 (de) | Persistent data flow detections enabling distributed applications | |
DE10249427A1 (de) | System and method for defining the security state of a computer system | |
DE112014002789T5 (de) | Network security system | |
DE112012000279T5 (de) | Determining the vulnerability of computer software applications to privilege escalation attacks | |
DE112014000578T5 (de) | System and method for detecting a compromised computer system | |
DE112019000594T5 (de) | Injecting trap code into an execution path of a process executing a program to generate a trap address range to detect potential malicious program code | |
DE102015107073A1 (de) | Device and method for controlling a communication network | |
DE102020112592A1 (de) | Application behavioral fingerprints | |
DE112022003368T5 (de) | Encryption monitoring register and system | |
EP3655876B1 (de) | System-on-chip, method for operating a system-on-chip, and motor vehicle | |
DE112021000455T5 (de) | Deep packet analysis | |
EP3824612B1 (de) | Penetration test method, computer program and device for data processing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
R012 | Request for examination validly filed | ||
R079 | Amendment of ipc main class | Free format text: PREVIOUS MAIN CLASS: H04L0029060000 Ipc: H04L0012260000 |
R079 | Amendment of ipc main class | Free format text: PREVIOUS MAIN CLASS: H04L0012260000 Ipc: H04L0043000000 |
R016 | Response to examination communication | ||
R018 | Grant decision by examination section/examining division | ||
R084 | Declaration of willingness to licence | ||
R020 | Patent grant now final |